<<< Date Index >>>     <<< Thread Index >>>

Re: PHP security (or the lack thereof)



On 6/16/06, Darren Reed <avalon@xxxxxxxxxxxxxxxxxxx> wrote:

From my own mail archives, PHP appears to make up at least 4%
of the email to bugtraq I see - or over 1000 issues since 1995,
out of the 25,000 I have saved.

People complain about applications like sendmail...in the same
period, it has been resopnsible for less than 200.

Do we have a new contender for worst security offender ever
written ?

Well, PHP is a programming language and Sendmail is an application -
I'd say you are comparing apples and oranges here.

If you really want to compare applications, take phpBB for example
(which is the winner in this case), but I don't think it makes much
sense looking for a new contender for worst security offender ever
written ...

Bojan